Turning Off Facebook Location Tracking Doesn’t Stop It From Tracking Your Location

Illustration: Chelsea Beck (Gizmodo)

 

 

 

 

 

 

 

 

 

Aleksandra Korolova has turned off Facebook’s access to her location in every way that she can. She has turned off location history in the Facebook app and told her iPhone that she “Never” wants the app to get her location. She doesn’t “check-in” to places and doesn’t list her current city on her profile.

Despite all this, she constantly sees location-based ads on Facebook. She sees ads targeted at “people who live near Santa Monica” (where she lives) and at “people who live or were recently near Los Angeles” (where she works as an assistant professor at the University of Southern California). When she traveled to Glacier National Park, she saw an ad for activities in Montana, and when she went on a work trip to Cambridge, Massachusetts, she saw an ad for a ceramics school there.

Korolova thought Facebook must be getting her location information from the IP addresses she used to log in from, which Facebook says it collects for security purposes. (It wouldn’t be the first time Facebook used information gathered for security purposes for advertising ones; advertisers can target Facebook users with the phone number they provided for two-factor protection of their account.) As the New York Times recently reported, lots of apps are tracking users’ movements with surprising granularity. The Times suggested turning off location services in your phone’s privacy settings to stop the tracking, but even then the apps can still get location information, by looking at the wifi network you use or your IP address.

The question is whether Facebook should be held to a higher standard given its one-on-one relationship with its users. Should users be able to tell Facebook, ‘Hey, I don’t want you tracking my location for ad purposes’? And then should Facebook not let advertisers target those people based on their locations? Kolokova thinks that should be the case.

“The locations that a person visits and lives in reveal a great deal about them,” she writes on Medium. “Their surreptitious collection and use in ad targeting can pave the way to ads that are harmful, target people when they are vulnerable or enable harassment and discrimination.”

At this point, Facebook disagrees. It feels IP address is a rough approximation of location that is forgivable to use. To avoid this, you could stop using the Facebook app on your phone (where IP addresses tend to be more precisely mapped) or use a VPN when you log into Facebook. Or, of course, there’s always the option to quit Facebook altogether.

Read the complete article on Gizmodo here.

Advertisements

What machines can tell from your face

machine facial recognition on punzhu puzzles

We are now living our lives in the age of facial recognition, and each new technology comes with its own pro’s and con’s.

THE human face is a remarkable piece of work. The astonishing variety of facial features helps people recognise each other and is crucial to the formation of complex societies. So is the face’s ability to send emotional signals, whether through an involuntary blush or the artifice of a false smile. People spend much of their waking lives, in the office and the courtroom as well as the bar and the bedroom, reading faces, for signs of attraction, hostility, trust and deceit. They also spend plenty of time trying to dissimulate.

Technology is rapidly catching up with the human ability to read faces. In America facial recognition is used by churches to track worshippers’ attendance; in Britain, by retailers to spot past shoplifters. This year Welsh police used it to arrest a suspect outside a football game. In China it verifies the identities of ride-hailing drivers, permits tourists to enter attractions and lets people pay for things with a smile. Apple’s new iPhone is expected to use it to unlock the homescreen (see article).

Set against human skills, such applications might seem incremental. Some breakthroughs, such as flight or the internet, obviously transform human abilities; facial recognition seems merely to encode them. Although faces are peculiar to individuals, they are also public, so technology does not, at first sight, intrude on something that is private. And yet the ability to record, store and analyse images of faces cheaply, quickly and on a vast scale promises one day to bring about fundamental changes to notions of privacy, fairness and trust.

The final frontier

Start with privacy. One big difference between faces and other biometric data, such as fingerprints, is that they work at a distance. Anyone with a phone can take a picture for facial-recognition programs to use. FindFace, an app in Russia, compares snaps of strangers with pictures on VKontakte, a social network, and can identify people with a 70% accuracy rate. Facebook’s bank of facial images cannot be scraped by others, but the Silicon Valley giant could obtain pictures of visitors to a car showroom, say, and later use facial recognition to serve them ads for cars. Even if private firms are unable to join the dots between images and identity, the state often can. China’s government keeps a record of its citizens’ faces; photographs of half of America’s adult population are stored in databases that can be used by the FBI. Law-enforcement agencies now have a powerful weapon in their ability to track criminals, but at enormous potential cost to citizens’ privacy.

The face is not just a name-tag. It displays a lot of other information—and machines can read that, too. Again, that promises benefits. Some firms are analysing faces to provide automated diagnoses of rare genetic conditions, such as Hajdu-Cheney syndrome, far earlier than would otherwise be possible. Systems that measure emotion may give autistic people a grasp of social signals they find elusive. But the technology also threatens. Researchers at Stanford University have demonstrated that, when shown pictures of one gay man, and one straight man, the algorithm could attribute their sexuality correctly 81% of the time. Humans managed only 61% (see article). In countries where homosexuality is a crime, software which promises to infer sexuality from a face is an alarming prospect.

Keys, wallet, balaclava

Less violent forms of discrimination could also become common. Employers can already act on their prejudices to deny people a job. But facial recognition could make such bias routine, enabling firms to filter all job applications for ethnicity and signs of intelligence and sexuality. Nightclubs and sports grounds may face pressure to protect people by scanning entrants’ faces for the threat of violence—even though, owing to the nature of machine-learning, all facial-recognition systems inevitably deal in probabilities. Moreover, such systems may be biased against those who do not have white skin, since algorithms trained on data sets of mostly white faces do not work well with different ethnicities. Such biases have cropped up in automated assessments used to inform courts’ decisions about bail and sentencing.

Eventually, continuous facial recording and gadgets that paint computerised data onto the real world might change the texture of social interactions. Dissembling helps grease the wheels of daily life. If your partner can spot every suppressed yawn, and your boss every grimace of irritation, marriages and working relationships will be more truthful, but less harmonious. The basis of social interactions might change, too, from a set of commitments founded on trust to calculations of risk and reward derived from the information a computer attaches to someone’s face. Relationships might become more rational, but also more transactional.

In democracies, at least, legislation can help alter the balance of good and bad outcomes. European regulators have embedded a set of principles in forthcoming data-protection regulation, decreeing that biometric information, which would include “faceprints”, belongs to its owner and that its use requires consent—so that, in Europe, unlike America, Facebook could not just sell ads to those car-showroom visitors. Laws against discrimination can be applied to an employer screening candidates’ images. Suppliers of commercial face-recognition systems might submit to audits, to demonstrate that their systems are not propagating bias unintentionally. Firms that use such technologies should be held accountable.

Read the complete article on The Economist magazine web site.

 

Vibrator maker ordered to pay out C$4m for tracking users’ sexual activity

The We-Vibe is marketed as a way to ‘allow couples to keep their flame ignited – together or apart’. Photograph: Emily Berl for the Guardian

Following a class-action lawsuit in an Illinois federal court, We-Vibe’s parent company Standard Innovation has been ordered to pay a total of C$4m to owners, with those who used the vibrators associated app entitled to the full amount each. Those who simply bought the vibrator can claim up to $199.

The We-Vibe 4 Plus is a £90 bluetooth connected vibrator, which can be controlled through an app. It is marketed as a way to “allow couples to keep their flame ignited – together or apart”. Its app-enabled controls can be activated remotely, allowing, for instance, a partner on the other end of a video call to interact.

But the app came with a number of security and privacy vulnerabilities, which added up to produce something that many would feel uncomfortable about using.

The app that controls the vibrator is barely secured, allowing anyone within bluetooth range to seize control of the device.

In addition, data is collected and sent back to Standard Innovation, letting the company know about the temperature of the device and the vibration intensity – which, combined, reveal intimate information about the user’s sexual habits.

The flaws with the We-Vibe sex toy were first revealed at the Def Con hacking conference in Las Vegas in 2016 by New Zealand-based hackers “goldfisk” and “follower”. Speaking there, the pair argued that the problem was a “serious issue”: “unwanted activation of a vibrator is potentially sexual assault”, follower said.

In practice, given the C$4m total settlement and the requirement to pay various legal fees first, most We-Vibe owners are likely to receive somewhat less than the full $10,000 they are entitled to.

Source: Article on The Guardian newspaper web site.

 

 

U.S. privacy laws in the age of Trump

In my first part of “Trump’s Executive Order Eliminates Privacy Act Protections for Foreigners” I wrote about Section 14 of the Executive Order which states:

“Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.” El Trumpo is not only building walls he’s tearing them down too.

In Part Two video podcast law professor Michael Geist talks about information sharing agreements as they pertain to Canada and U.S., but such implications could apply to any country besides Canada.

U.S. privacy laws in the age of Trump

About Michael Geist: Dr. Michael Geist is a law professor at the University of Ottawa where he holds the Canada Research Chair in Internet and E-commerce Law. He has obtained a Bachelor of Laws (LL.B.) degree from Osgoode Hall Law School in Toronto, Master of Laws (LL.M.) degrees from Cambridge University in the UK and Columbia Law School in New York, and a Doctorate in Law (J.S.D.) from Columbia Law School.

Trump’s Executive Order Eliminates Privacy Act Protections for Foreigners

Photograph: Mike Segar/Reuters

Photograph: Mike Segar/Reuters

President Donald Trump’s Executive Order on domestic safety, released January 25th, has enormous implications for the privacy of everyone living outside the United States. For Canadians, the order should raise significant concerns about government data shared with U.S. authorities as well as the collection of Canadian personal information by U.S. agencies. Given the close integration between U.S. and Canadian agencies – as well as the fact that Canadian Internet traffic frequently traverses into the U.S. – there are serious implications for Canadian privacy. Moreover, the order will raise major concerns in the European Union, creating the possibility of restrictions on data transfers as it seemingly kills the Privacy Shield compromise.

Section 14 of the Executive Order states:

Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information. 

The protection of Canadian information which ends up in U.S. hands has long been a source of concern. Professor Lisa Austin has written about “constitutional black holes” in which Canadian data is not protected by the Canadian Charter of Rights and Freedoms and the protection afforded to the data in the United States is at a lower standard than for its citizens and permanent residents.

The Privacy Act referenced in the order did not extend privacy rights to non-U.S. citizens and permanent residents when it first enacted in 1974. However, in 2007, the Department of Homeland Security issued a policy that extended some provisions to non-U.S. persons. In the aftermath of the Snowden revelations, there has been much written on the need to extend privacy protections to foreigners.

The Trump Executive Order makes it clear that U.S. agencies should ensure that their policies do not extend privacy rights to non-U.S. citizens or permanent residents under the Privacy Act. The intent and effect of the order means that the personal information of Canadians will not be protected under that statute. The decision requires an immediate review by the Privacy Commissioner of Canada on the effect of Canadian personal information and data sharing agreements and a potential re-assessment of what personal information is made available to U.S. agencies.

Source: http://www.michaelgeist.ca/2017/01/trumps-executive-order-eliminates-privacy-act-protections-for-foreigners/

About Michael Geist: Dr. Michael Geist is a law professor at the University of Ottawa where he holds the Canada Research Chair in Internet and E-commerce Law. He has obtained a Bachelor of Laws (LL.B.) degree from Osgoode Hall Law School in Toronto, Master of Laws (LL.M.) degrees from Cambridge University in the UK and Columbia Law School in New York, and a Doctorate in Law (J.S.D.) from Columbia Law School.  Dr. Geist is a syndicated columnist on technology law issues with his regular column appearing in the Toronto Star, the Hill Times, and the Tyee.

How will Trump use US Intelligence operations?

 The NSA. Obama’s approach has been to offer a modicum of transparency, much of it forced on him by the courts, in place of reform. Photograph: Patrick Semansky/AP

The NSA. Obama’s approach has been to offer a modicum of transparency, much of it forced on him by the courts, in place of reform. Photograph: Patrick Semansky/AP

How will President-elect Donald Trump use the US Intelligence agencies once he is President?

On one hand Trump lambasts US Intelligence agencies. On the other hand he can’t wait to get hold of the power of the US Intelligence agencies.

Russian delivery of false news through social media in order to promote Trump during US Presidential race is dismissed by Trump. Regarding the hacking of the Democrat emails, he said it was ultimately irrelevant, describing the data penetration and leak as having “absolutely no effect on the outcome of the election”.

For something which had “absolutely no effect on the outcome of the election” Trump certainly mentioned missing emails every chance he had and even asked Russia to find more of Hilary Clinton’s missing emails.

What’s with Trump and Russia anyway? Does Trump have Putin envy?

But I digress. On the campaign trail, Trump made an ambiguous remark about wishing he had access to surveillance powers.

“I wish I had that power,” he said while talking about the hack of Democratic National Committee emails. “Man, that would be power.”

Man, that would be power??? I wish I had that power??? This from a person running for the most powerful political position in the world? What does that say about the man? It tells me he is immature and an egotist.

I doubt any person with an IQ above gravel would vocalize such thoughts while running for Presidency of the United States. Think them? Okay. Speak them during an election? Dumber than gravel.

Back in November I posted a piece about “Privacy experts fear Donald Trump running global surveillance network.” You may read it here.

Privacy experts fear Donald Trump running global surveillance network

 The NSA. Obama’s approach has been to offer a modicum of transparency, much of it forced on him by the courts, in place of reform. Photograph: Patrick Semansky/AP

The NSA. Obama’s approach has been to offer a modicum of transparency, much of it forced on him by the courts, in place of reform. Photograph: Patrick Semansky/AP

Privacy activists, human rights campaigners and former US security officials have expressed fears over the prospect of Donald Trump controlling the vast global US and UK surveillance network.

Privacy and human rights campaigners in the US and UK say a Trump presidency will tip the balance between surveillance and privacy decisively towards the former. The UK surveillance agency GCHQ is so tied up with America’s NSA, often doing work on its behalf, it could find itself facing a series of ethical dilemmas.

On the campaign trail, Trump made an ambiguous remark about wishing he had access to surveillance powers.

“I wish I had that power,” he said while talking about the hack of Democratic National Committee emails. “Man, that would be power.”

“I think many Americans are waking up to the fact we have created a presidency that is too powerful.”

John Napier Tye, a former state department official who became a reluctant whistleblower in 2014, warning of NSA dragnets, said: “Obama and Bush could have set the best possible privacy protections in place, but the trouble is, it’s all set by executive order, not statute.

“So Trump could revise the executive order as he pleases. And since it’s all done in secret, unless you have someone willing to break the law to tell you that it happened, it’s not clear the public will ever learn it did. Consider that even now, the American people still do not know how much data on US persons the NSA actually collects.”

Thomas Drake, an NSA whistleblower who predated Snowden, offered an equally bleak assessment. He said: “The electronic infrastructure is fully in place – and ex post facto legalised by Congress and executive orders – and ripe for further abuse under an autocratic, power-obsessed president. History is just not kind here. Trump leans quite autocratic. The temptations to use secret NSA surveillance powers, some still not fully revealed, will present themselves to him as sirens.”

One specific surveillance measure Trump proposed on the campaign trail was surveilling mosques and keeping a database of Muslims. “A grave concern we have is that his rhetoric is going to be perceived in some corners as a green light for unfettered surveillance activities. Our concern is not just about the NSA but also the FBI. The FBI doesn’t exactly have a great record over the last 15 years,” said Farhana Khera, the president and executive director of the US-based civil rights group Muslim Advocates.

The next flashpoint over the NSA’s powers will come late in 2017, when a major surveillance law permitting collection of Americans’ international communications is set for expiration, the legal basis for the NSA’s Prism programme which siphons information from the technology giants.

According to documents released by Snowden, now years out of date as technological advancements have developed, the NSA vacuums 5bn daily records just of cellphone locations. In April 2011, it was collecting an average of 194m text messages every day.